Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uZFZCNdxuJ-wKkICWP53nAPHl38.roa
File: uZFZCNdxuJ-wKkICWP53nAPHl38.roa (raw, json)
Hash identifier: ITdrMqcblKmw+1JWBSlz/efLpErF5MeSr/2FZmYVBZo=
Subject key identifier: B9:91:59:08:D7:71:B8:9F:B0:2A:42:02:58:FE:77:9C:03:C7:97:7F
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018EEC66D58962FE559B8B7D5BA672A142D8
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uZFZCNdxuJ-wKkICWP53nAPHl38.roa
Signing time: Wed 17 Apr 2024 14:12:26 +0000
ROA not before: Wed 17 Apr 2024 14:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
82.163.52.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Apr 2024 19:37:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ec:66:d5:89:62:fe:55:9b:8b:7d:5b:a6:72:a1:42:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 17 14:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9915908d771b89fb02a420258fe779c03c7977f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:8c:e7:12:e6:18:ae:47:7a:f9:c6:b8:7b:
9a:02:7a:b7:30:71:00:33:1b:a9:a3:83:cf:eb:8d:
3b:8a:2d:f1:d5:3b:2d:41:2a:fa:3a:56:a1:13:c1:
70:10:f8:d3:68:1b:43:49:a8:f9:d0:76:2d:5d:fb:
97:7f:c7:e4:49:31:39:9c:0a:b4:f6:af:48:7e:d8:
8f:7a:06:a7:59:1d:df:77:ef:13:89:be:fc:15:14:
b7:86:b1:3b:bd:5e:4a:2e:bc:7c:47:bf:b5:2c:c7:
4c:cd:71:ba:6d:a4:18:86:cf:99:f0:3f:74:87:09:
74:34:a1:90:9d:3b:f1:f2:54:3f:f2:ea:0a:8d:1e:
88:1a:cc:fd:2a:9f:b3:29:4f:5a:2c:89:ba:c6:d9:
a1:d4:25:2e:cf:51:1a:fc:73:1e:67:67:3d:2d:8d:
49:a6:26:5b:d2:86:b5:aa:95:f2:85:bd:14:45:47:
62:6f:77:81:84:8b:77:d9:3e:10:c0:25:f2:2b:f2:
bb:e0:5c:92:fa:bc:f7:d8:99:66:a5:80:e7:dc:48:
53:09:ea:56:e8:f3:f5:c6:b6:7e:0d:64:22:11:ef:
7c:6a:6d:05:6e:18:0d:1a:d8:6e:71:c1:05:d7:8f:
59:85:4f:9f:39:d8:d9:d2:e1:96:4e:58:26:b4:99:
27:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:91:59:08:D7:71:B8:9F:B0:2A:42:02:58:FE:77:9C:03:C7:97:7F
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uZFZCNdxuJ-wKkICWP53nAPHl38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
82.163.52.0/23
Signature Algorithm: sha256WithRSAEncryption
53:da:52:a2:a1:ed:72:26:96:7e:42:f4:08:86:ec:5a:b0:9f:
37:eb:0e:a7:88:cd:e4:9b:52:82:05:0e:0b:d9:63:eb:bb:91:
29:fb:49:93:a3:ca:4a:ab:d9:2b:b1:f4:54:10:ce:9a:ba:6d:
56:e4:e9:18:23:e7:3a:e1:77:ff:6d:9a:dc:b4:ab:61:11:24:
d5:16:98:90:21:8f:ee:6e:61:58:89:67:82:7f:81:fe:40:4d:
c8:20:ae:98:c3:e0:89:63:f6:3c:25:e3:77:55:2b:74:6f:b2:
41:b8:c2:6c:1c:79:ec:84:18:63:6b:df:d3:26:fe:7f:d4:60:
a4:0e:75:f9:91:0b:9f:d8:2e:70:4f:42:10:76:13:fb:c1:9b:
15:34:ea:37:ed:3a:a4:6b:54:5f:50:34:f5:a8:6b:e6:40:78:
10:43:a8:bd:54:71:75:29:47:b8:dd:d4:2a:2a:54:95:21:08:
56:65:c2:1a:50:61:b6:2a:36:4e:a4:e6:82:f7:19:da:5e:10:
7b:31:16:67:2e:d2:d4:89:33:85:74:53:31:0b:07:44:b2:ec:
a2:c6:ae:e0:88:fe:13:52:1d:ae:6d:87:54:6b:f8:5d:bd:2b:
5f:0a:8c:93:cb:a7:2a:b0:8e:92:e3:23:15:e3:87:2c:86:fa:
3a:ca:f2:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7sZtWJYv5Vm4t9W6ZyoULYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNDE3MTQxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTkxNTkwOGQ3NzFiODlmYjAyYTQyMDI1OGZlNzc5YzAzYzc5NzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyWM5xLmGK5HevnGuHuaAnq3MHEA
Mxupo4PP6407ii3x1TstQSr6OlahE8FwEPjTaBtDSaj50HYtXfuXf8fkSTE5nAq0
9q9IftiPeganWR3fd+8Tib78FRS3hrE7vV5KLrx8R7+1LMdMzXG6baQYhs+Z8D90
hwl0NKGQnTvx8lQ/8uoKjR6IGsz9Kp+zKU9aLIm6xtmh1CUuz1Ea/HMeZ2c9LY1J
piZb0oa1qpXyhb0URUdib3eBhIt32T4QwCXyK/K74FyS+rz32JlmpYDn3EhTCepW
6PP1xrZ+DWQiEe98am0FbhgNGthuccEF149ZhU+fOdjZ0uGWTlgmtJknMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLmRWQjXcbifsCpCAlj+d5wDx5d/MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdVpGWkNOZHh1Si13S2tJQ1dQNTNuQVBIbDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQB
UqM0MA0GCSqGSIb3DQEBCwUAA4IBAQBT2lKioe1yJpZ+QvQIhuxasJ836w6niM3k
m1KCBQ4L2WPru5Ep+0mTo8pKq9krsfRUEM6aum1W5OkYI+c64Xf/bZrctKthESTV
FpiQIY/ubmFYiWeCf4H+QE3IIK6Yw+CJY/Y8JeN3VSt0b7JBuMJsHHnshBhja9/T
Jv5/1GCkDnX5kQuf2C5wT0IQdhP7wZsVNOo37Tqka1RfUDT1qGvmQHgQQ6i9VHF1
KUe43dQqKlSVIQhWZcIaUGG2KjZOpOaC9xnaXhB7MRZnLtLUiTOFdFMxCwdEsuyi
xq7giP4TUh2ubYdUa/hdvStfCoyTy6cqsI6S4yMV44cshvo6yvJI
-----END CERTIFICATE-----
Generated at Sat Apr 20 00:24:01 2024 by rpki-client on console-ams.rpki-client.org